Shedding new light on the Data Breach incident to have affected Home Depot, the home improvement retailer, it reported that hackers used a third-party vendor’s username and password to enter the perimeter of their network and then acquired elevated rights that allowed them to navigate and deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada.
The new findings are the result of weeks of investigation by The Home Depot, in cooperation with law enforcement and the company’s third-party IT security experts.
The September reveal of one of the largest data thefts to have hit the US retail industry, pointed out that 56 million debit and credit cards’ data was compromised in a hack attack that started in April and cost $62 million. Separate files containing approximately 53 million email addresses were also taken during the breach, Home Depot has reported. These files did not contain passwords, payment card information or other sensitive personal information.
Affected customers in the U.S. and Canada are being notified by the company, and have been asked to be on guard against phishing scams, which are “designed to trick customers into providing personal information in response to phony emails.”
Target, JP Morgan Chase, Supervalu, are some of the other names that have been victims to cyber attacks in the recent past, with attacks coming up at a now-regular frequency.
Read more here
(Image Credit: Mike Mozart)
